Career Growth, Flexibility and Collaboration!
Entrust is dedicated to keeping the world moving safely by enabling trusted identities, payments, and data protection around the globe. Headquartered in Minnesota, we offer our colleagues the ability to work globally, in a flexible and collaborative environment. Our team makes an impact!!
The Company: Entrust relies on curious, dedicated and innovative individuals whom anticipate the future and provide solutions for a more connected, mobile and secure world. Entrust’s technologies and expertise help government agencies, enterprises and financial institutions in more than 150 countries serve and safeguard citizens, employees and consumers.
We Believe: Securing identities is most effective when we value all identities. We are committed to ensuring that, through diversity and inclusion, the many voices that make up our communities are heard. From unconscious bias training for managers to global affinity groups that create connections both within and across our enterprise, Entrust expects and encourages all individuals to accept and respect one another. And, of course, to be themselves.
We are seeking a talented Sr Security Compliance Analyst to join our Information Security Governance, Risk, and Compliance team to perform IT and cybersecurity control testing and evaluate risks against Entrust systems, applications, processes, and environments. As a direct report to the Senior Risk Manager, this important position will provide consistency and expertise to the IT and cybersecurity control testing and risk evaluation functions ensuring compliance with Information Security policies and standards.
Responsibilities
Identity and Access Management Systems
Single Sign-On and Two-factor authentication
Firewalls, Content Filtering
Anti-Virus software, Intrusion Detection/Prevention, Vulnerability Assessment software
Entrust is an EEO/AA/Disabled/Veterans Employer
For Canadian Roles, Or Where Applicable
Entrust values diversity and inclusion and we are committed to building a diverse workforce with wide perspectives and innovative ideas. We welcome applications from qualified individuals of all backgrounds, and we strive to provide an accessible experience for candidates of all abilities.
If you require an accommodation, contact accessibility@entrust.com.
Recruiter
Steve Donahue
Steve.Donahue@entrust.com
Entrust is dedicated to keeping the world moving safely by enabling trusted identities, payments, and data protection around the globe. Headquartered in Minnesota, we offer our colleagues the ability to work globally, in a flexible and collaborative environment. Our team makes an impact!!
The Company: Entrust relies on curious, dedicated and innovative individuals whom anticipate the future and provide solutions for a more connected, mobile and secure world. Entrust’s technologies and expertise help government agencies, enterprises and financial institutions in more than 150 countries serve and safeguard citizens, employees and consumers.
We Believe: Securing identities is most effective when we value all identities. We are committed to ensuring that, through diversity and inclusion, the many voices that make up our communities are heard. From unconscious bias training for managers to global affinity groups that create connections both within and across our enterprise, Entrust expects and encourages all individuals to accept and respect one another. And, of course, to be themselves.
We are seeking a talented Sr Security Compliance Analyst to join our Information Security Governance, Risk, and Compliance team to perform IT and cybersecurity control testing and evaluate risks against Entrust systems, applications, processes, and environments. As a direct report to the Senior Risk Manager, this important position will provide consistency and expertise to the IT and cybersecurity control testing and risk evaluation functions ensuring compliance with Information Security policies and standards.
Responsibilities
- Conduct IT and cybersecurity control testing and risk evaluation for technology systems, applications, processes, and environments against ISO/IEC 2700 series and NIST Cybersecurity Framework (CSF) standard requirements.
- Evaluate design, implementation and effectiveness of existing IT and cybersecurity controls, document an deviations/gaps and recommend improvements.
- Support the design and implementation of automated control validation to enable ongoing/continuous monitoring of controls.
- Periodically re-test security control after risk mitigation or risk acceptance.
- Develop, document, and execute control testing plans, including scope, approach, timeline, framework, detailed testing plan (documentation reviews, interviews, control assessments and testing methods)
- Collaborate with internal (Compliance and Audit) and cross-functional (Privacy, ERM, Legal) teams to identify, prioritize risk and track risks.
- Prepare control testing and risk assessment reports, document control deviations, and
- communicate results to stakeholders.
- Assist in developing risk mitigation strategies and action plans to resolve control deficiencies.
- Ensure security policies and standards are properly aligned to our control inventory.
- Stay informed about industry trends, emerging threats, and best practices.
- 5+ years of experience in technology risk assessment, control testing, or related roles.
- Audit, compliance and technology risk management background.
- Experience with at least one of the following: ISO 27001/2, NIST, PCI, FedRAMP, WebTrust InfoSec Audit
- Knowledge and understanding of Information Security concepts (threats, vulnerabilities, controls, countermeasures, risk management, etc.) and related Information Security technologies such as: Risk Management Frameworks
Identity and Access Management Systems
Single Sign-On and Two-factor authentication
Firewalls, Content Filtering
Anti-Virus software, Intrusion Detection/Prevention, Vulnerability Assessment software
- Strong communication skills and the ability to work in a multi-disciplined environment.
- Strong problem-solving skills combined with the ability to work on multiple concurrent tasks.
- Must be able to lawfully work within the US and have unrestricted work authorization for US.
- Bachelor’s degree in a related field
- 2-3 yrs experience performing control validation/testing/consulting with a large professional services firm.
- One or more relevant professional certifications (e.g. CISSP, CISM, CISA, SSCP, CEH, CRISC, etc)
- Experience implementing ISO 27001/2 and/or extensive audit experience.
- Experience with risk quantification methodologies (e.g. FAIR)
- Project Management experience
Entrust is an EEO/AA/Disabled/Veterans Employer
For Canadian Roles, Or Where Applicable
Entrust values diversity and inclusion and we are committed to building a diverse workforce with wide perspectives and innovative ideas. We welcome applications from qualified individuals of all backgrounds, and we strive to provide an accessible experience for candidates of all abilities.
If you require an accommodation, contact accessibility@entrust.com.
Recruiter
Steve Donahue
Steve.Donahue@entrust.com
-
Seniority level
Mid-Senior level -
Employment type
Full-time -
Job function
Legal -
Industries
Software Development
Referrals increase your chances of interviewing at Entrust by 2x
See who you knowGet notified about new Senior Compliance Analyst jobs in Minnesota, United States.
Sign in to create job alertSimilar jobs
People also viewed
-
Security Operations Analyst I
Security Operations Analyst I
-
Cyber Security Analyst
Cyber Security Analyst
-
Threat Analyst 3
Threat Analyst 3
-
Information Security Analyst
Information Security Analyst
-
Information Security Engineer
Information Security Engineer
-
SOC Analyst
SOC Analyst
-
SOC Analyst
SOC Analyst
-
Information Security Engineer
Information Security Engineer
-
Cyber Security Specialist
Cyber Security Specialist
-
Remote Work - Need Sr IT Security Analyst
Remote Work - Need Sr IT Security Analyst
Looking for a job?
Visit the Career Advice Hub to see tips on interviewing and resume writing.
View Career Advice Hub